Currently we install an old version of falcon that we download internally, then CrowdStrike updates the version. The gap is getting large - latest version is 7.16.
If we use the collection instead of command and systemd tasks, we can download the appropriate version directly from CrowdStrike.
Level of urgency
[ ] High
[x] Moderate
[ ] Low
Why is this maintenance needed?
As the version gap widens, upgrades get more difficult. We should keep up.
Acceptance criteria
[ ] We download the appropriate version of Falcon sensor directly from CrowdStrike and install it on new VMs
Implementation notes, if any
We can use the sensor_download_info module to identify the appropriate version and pass the resulting hash to the falcon_install module to install it.
What maintenance needs to be done?
Currently we install an old version of falcon that we download internally, then CrowdStrike updates the version. The gap is getting large - latest version is 7.16.
If we use the collection instead of
command
andsystemd
tasks, we can download the appropriate version directly from CrowdStrike.Level of urgency
Why is this maintenance needed?
As the version gap widens, upgrades get more difficult. We should keep up.
Acceptance criteria
Implementation notes, if any
We can use the
sensor_download_info
module to identify the appropriate version and pass the resulting hash to thefalcon_install
module to install it.